Gajendra's Blog

In application security world blacklisting and whitelisting validations are very popular. This basically indicates what should be allowed and what shouldn’t be allowed. I was thinking about some of the web applications deployment structure and paying attention on the way various files are packaged and deployed. I found one interesting thing about web assets like CSS, Images and fonts , java scripts. When we host the web assets, URLs that actually provide web assets are actually not protected up to the mark. Let’s say  you have an application which has URL something like this http://someapplicationname/somecontext/myaccount when you access the above mentioned URL, application may redirect you to login page, Whole idea is to force user to authenticate him/herself and create a secure session. Once the session is established you can access and the account page and do whatever you want to do. But web asset URLs are not protected.   http://someapplicationname/someconte...

Its hard to arrive at conclusion in this wide and ever changing job market of IT industry but one thing is quite evident that now data is becoming highly critical and crucial to any business. Most of the recruitment are happening around 1. Dealing with data. (Web service, SOA, API's etc..) 2. Protecting Data (Protection of data at rest and at transit, Web development  Security, AppSec, Cyber Theft, Computer Forensics) 3. Analyzing data (BigData implementation platform, Hadoop, Stream Analytics and technologies supporting this platforms). Of course there are many other technologies which are highly paid but that have become quite saturated but form the above mentioned 3 points, let me try to get into the specific job titles 1. Web Application Development :  Application development which supports all the operating systems and possible hardware(s). Android, iOS, Smart watch and other devices. This include Web based and native app development. Front end development is ...